Re: Becoming a package maintainer
>>>>> On Mon, 16 Feb 1998, "AP" == Avery Pennarun wrote:
AP> While we're here, I know we don't want to make it any _more_ difficult
AP> to become a new maintainer, but step 2 as stated doesn't provide any
AP> additional security at all. For example, someone at Debian (or someone
AP> who intercepts my message along the way, steals it from my computer,
AP> etc.) could grab the image, use GIMP to write their own PGP fingerprint
AP> on it, re-sign the message, and send it out again.
AP> I think the intent of the rule is to require a _handwritten_ PGP
AP> fingerprint on the actual image, before it is scanned. With modern tools
AP> like GIMP, of course, even that's pretty hazy security...
We dropped the requirement for the reasons you gave above.
--
Proudly running Debian Linux! Linux vs. Windows is a no-Win situation....
Igor Grobman igor@debian.org igor@digicron.com
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: